2011-03-08 00:04:58 +00:00
/*
* authencesn . c - AEAD wrapper for IPsec with extended sequence numbers ,
* derived from authenc . c
*
* Copyright ( C ) 2010 secunet Security Networks AG
* Copyright ( C ) 2010 Steffen Klassert < steffen . klassert @ secunet . com >
2015-08-07 16:42:59 +08:00
* Copyright ( c ) 2015 Herbert Xu < herbert @ gondor . apana . org . au >
2011-03-08 00:04:58 +00:00
*
* This program is free software ; you can redistribute it and / or modify it
* under the terms of the GNU General Public License as published by the Free
* Software Foundation ; either version 2 of the License , or ( at your option )
* any later version .
*
*/
2015-05-11 17:47:42 +08:00
# include <crypto/internal/aead.h>
2011-03-08 00:04:58 +00:00
# include <crypto/internal/hash.h>
# include <crypto/internal/skcipher.h>
# include <crypto/authenc.h>
2015-08-07 16:42:59 +08:00
# include <crypto/null.h>
2011-03-08 00:04:58 +00:00
# include <crypto/scatterwalk.h>
# include <linux/err.h>
# include <linux/init.h>
# include <linux/kernel.h>
# include <linux/module.h>
# include <linux/rtnetlink.h>
# include <linux/slab.h>
# include <linux/spinlock.h>
struct authenc_esn_instance_ctx {
struct crypto_ahash_spawn auth ;
struct crypto_skcipher_spawn enc ;
} ;
struct crypto_authenc_esn_ctx {
unsigned int reqoff ;
struct crypto_ahash * auth ;
2016-07-12 13:17:35 +08:00
struct crypto_skcipher * enc ;
2018-09-18 19:10:51 -07:00
struct crypto_sync_skcipher * null ;
2011-03-08 00:04:58 +00:00
} ;
struct authenc_esn_request_ctx {
2015-08-07 16:42:59 +08:00
struct scatterlist src [ 2 ] ;
struct scatterlist dst [ 2 ] ;
2011-03-08 00:04:58 +00:00
char tail [ ] ;
} ;
static void authenc_esn_request_complete ( struct aead_request * req , int err )
{
if ( err ! = - EINPROGRESS )
aead_request_complete ( req , err ) ;
}
2015-08-07 16:42:59 +08:00
static int crypto_authenc_esn_setauthsize ( struct crypto_aead * authenc_esn ,
unsigned int authsize )
{
if ( authsize > 0 & & authsize < 4 )
return - EINVAL ;
return 0 ;
}
2011-03-08 00:04:58 +00:00
static int crypto_authenc_esn_setkey ( struct crypto_aead * authenc_esn , const u8 * key ,
unsigned int keylen )
{
struct crypto_authenc_esn_ctx * ctx = crypto_aead_ctx ( authenc_esn ) ;
struct crypto_ahash * auth = ctx - > auth ;
2016-07-12 13:17:35 +08:00
struct crypto_skcipher * enc = ctx - > enc ;
2013-10-15 13:49:31 +02:00
struct crypto_authenc_keys keys ;
2011-03-08 00:04:58 +00:00
int err = - EINVAL ;
2013-10-15 13:49:31 +02:00
if ( crypto_authenc_extractkeys ( & keys , key , keylen ) ! = 0 )
2011-03-08 00:04:58 +00:00
goto badkey ;
crypto_ahash_clear_flags ( auth , CRYPTO_TFM_REQ_MASK ) ;
crypto_ahash_set_flags ( auth , crypto_aead_get_flags ( authenc_esn ) &
CRYPTO_TFM_REQ_MASK ) ;
2013-10-15 13:49:31 +02:00
err = crypto_ahash_setkey ( auth , keys . authkey , keys . authkeylen ) ;
2011-03-08 00:04:58 +00:00
crypto_aead_set_flags ( authenc_esn , crypto_ahash_get_flags ( auth ) &
CRYPTO_TFM_RES_MASK ) ;
if ( err )
goto out ;
2016-07-12 13:17:35 +08:00
crypto_skcipher_clear_flags ( enc , CRYPTO_TFM_REQ_MASK ) ;
crypto_skcipher_set_flags ( enc , crypto_aead_get_flags ( authenc_esn ) &
2011-03-08 00:04:58 +00:00
CRYPTO_TFM_REQ_MASK ) ;
2016-07-12 13:17:35 +08:00
err = crypto_skcipher_setkey ( enc , keys . enckey , keys . enckeylen ) ;
crypto_aead_set_flags ( authenc_esn , crypto_skcipher_get_flags ( enc ) &
2011-03-08 00:04:58 +00:00
CRYPTO_TFM_RES_MASK ) ;
out :
2018-04-03 09:39:01 +03:00
memzero_explicit ( & keys , sizeof ( keys ) ) ;
2011-03-08 00:04:58 +00:00
return err ;
badkey :
crypto_aead_set_flags ( authenc_esn , CRYPTO_TFM_RES_BAD_KEY_LEN ) ;
goto out ;
}
2015-08-07 16:42:59 +08:00
static int crypto_authenc_esn_genicv_tail ( struct aead_request * req ,
unsigned int flags )
2011-03-08 00:04:58 +00:00
{
struct crypto_aead * authenc_esn = crypto_aead_reqtfm ( req ) ;
struct crypto_authenc_esn_ctx * ctx = crypto_aead_ctx ( authenc_esn ) ;
struct authenc_esn_request_ctx * areq_ctx = aead_request_ctx ( req ) ;
2015-08-07 16:42:59 +08:00
struct crypto_ahash * auth = ctx - > auth ;
u8 * hash = PTR_ALIGN ( ( u8 * ) areq_ctx - > tail ,
crypto_ahash_alignmask ( auth ) + 1 ) ;
unsigned int authsize = crypto_aead_authsize ( authenc_esn ) ;
unsigned int assoclen = req - > assoclen ;
unsigned int cryptlen = req - > cryptlen ;
struct scatterlist * dst = req - > dst ;
u32 tmp [ 2 ] ;
2011-03-08 00:04:58 +00:00
2015-08-07 16:42:59 +08:00
/* Move high-order bits of sequence number back. */
scatterwalk_map_and_copy ( tmp , dst , 4 , 4 , 0 ) ;
scatterwalk_map_and_copy ( tmp + 1 , dst , assoclen + cryptlen , 4 , 0 ) ;
scatterwalk_map_and_copy ( tmp , dst , 0 , 8 , 1 ) ;
2011-03-08 00:04:58 +00:00
2015-08-07 16:42:59 +08:00
scatterwalk_map_and_copy ( hash , dst , assoclen + cryptlen , authsize , 1 ) ;
return 0 ;
2011-03-08 00:04:58 +00:00
}
static void authenc_esn_geniv_ahash_done ( struct crypto_async_request * areq ,
int err )
{
struct aead_request * req = areq - > data ;
2015-08-07 16:42:59 +08:00
err = err ? : crypto_authenc_esn_genicv_tail ( req , 0 ) ;
2011-03-08 00:04:58 +00:00
aead_request_complete ( req , err ) ;
}
2015-08-07 16:42:59 +08:00
static int crypto_authenc_esn_genicv ( struct aead_request * req ,
unsigned int flags )
2011-03-08 00:04:58 +00:00
{
struct crypto_aead * authenc_esn = crypto_aead_reqtfm ( req ) ;
struct authenc_esn_request_ctx * areq_ctx = aead_request_ctx ( req ) ;
struct crypto_authenc_esn_ctx * ctx = crypto_aead_ctx ( authenc_esn ) ;
2015-08-07 16:42:59 +08:00
struct crypto_ahash * auth = ctx - > auth ;
u8 * hash = PTR_ALIGN ( ( u8 * ) areq_ctx - > tail ,
crypto_ahash_alignmask ( auth ) + 1 ) ;
2011-03-08 00:04:58 +00:00
struct ahash_request * ahreq = ( void * ) ( areq_ctx - > tail + ctx - > reqoff ) ;
2015-08-07 16:42:59 +08:00
unsigned int authsize = crypto_aead_authsize ( authenc_esn ) ;
unsigned int assoclen = req - > assoclen ;
2011-03-08 00:04:58 +00:00
unsigned int cryptlen = req - > cryptlen ;
2015-08-07 16:42:59 +08:00
struct scatterlist * dst = req - > dst ;
u32 tmp [ 2 ] ;
2011-03-08 00:04:58 +00:00
2015-08-07 16:42:59 +08:00
if ( ! authsize )
return 0 ;
2011-03-08 00:04:58 +00:00
2015-08-07 16:42:59 +08:00
/* Move high-order bits of sequence number to the end. */
scatterwalk_map_and_copy ( tmp , dst , 0 , 8 , 0 ) ;
scatterwalk_map_and_copy ( tmp , dst , 4 , 4 , 1 ) ;
scatterwalk_map_and_copy ( tmp + 1 , dst , assoclen + cryptlen , 4 , 1 ) ;
2011-03-08 00:04:58 +00:00
2015-08-07 16:42:59 +08:00
sg_init_table ( areq_ctx - > dst , 2 ) ;
dst = scatterwalk_ffwd ( areq_ctx - > dst , dst , 4 ) ;
2011-03-08 00:04:58 +00:00
2015-08-07 16:42:59 +08:00
ahash_request_set_tfm ( ahreq , auth ) ;
ahash_request_set_crypt ( ahreq , dst , hash , assoclen + cryptlen ) ;
ahash_request_set_callback ( ahreq , flags ,
authenc_esn_geniv_ahash_done , req ) ;
2011-03-08 00:04:58 +00:00
2015-08-07 16:42:59 +08:00
return crypto_ahash_digest ( ahreq ) ? :
crypto_authenc_esn_genicv_tail ( req , aead_request_flags ( req ) ) ;
2011-03-08 00:04:58 +00:00
}
2015-08-07 16:42:59 +08:00
static void crypto_authenc_esn_encrypt_done ( struct crypto_async_request * req ,
int err )
2011-03-08 00:04:58 +00:00
{
2015-08-07 16:42:59 +08:00
struct aead_request * areq = req - > data ;
2011-03-08 00:04:58 +00:00
2015-08-07 16:42:59 +08:00
if ( ! err )
err = crypto_authenc_esn_genicv ( areq , 0 ) ;
2011-03-08 00:04:58 +00:00
2015-08-07 16:42:59 +08:00
authenc_esn_request_complete ( areq , err ) ;
2011-03-08 00:04:58 +00:00
}
2015-08-07 16:42:59 +08:00
static int crypto_authenc_esn_copy ( struct aead_request * req , unsigned int len )
2011-03-08 00:04:58 +00:00
{
struct crypto_aead * authenc_esn = crypto_aead_reqtfm ( req ) ;
struct crypto_authenc_esn_ctx * ctx = crypto_aead_ctx ( authenc_esn ) ;
2018-09-18 19:10:51 -07:00
SYNC_SKCIPHER_REQUEST_ON_STACK ( skreq , ctx - > null ) ;
2011-03-08 00:04:58 +00:00
2018-09-18 19:10:51 -07:00
skcipher_request_set_sync_tfm ( skreq , ctx - > null ) ;
2016-07-12 13:17:35 +08:00
skcipher_request_set_callback ( skreq , aead_request_flags ( req ) ,
NULL , NULL ) ;
skcipher_request_set_crypt ( skreq , req - > src , req - > dst , len , NULL ) ;
return crypto_skcipher_encrypt ( skreq ) ;
2011-03-08 00:04:58 +00:00
}
2015-08-07 16:42:59 +08:00
static int crypto_authenc_esn_encrypt ( struct aead_request * req )
2011-03-08 00:04:58 +00:00
{
struct crypto_aead * authenc_esn = crypto_aead_reqtfm ( req ) ;
struct authenc_esn_request_ctx * areq_ctx = aead_request_ctx ( req ) ;
2015-08-07 16:42:59 +08:00
struct crypto_authenc_esn_ctx * ctx = crypto_aead_ctx ( authenc_esn ) ;
2016-07-12 13:17:35 +08:00
struct skcipher_request * skreq = ( void * ) ( areq_ctx - > tail +
ctx - > reqoff ) ;
struct crypto_skcipher * enc = ctx - > enc ;
2015-08-07 16:42:59 +08:00
unsigned int assoclen = req - > assoclen ;
2011-03-08 00:04:58 +00:00
unsigned int cryptlen = req - > cryptlen ;
2015-08-07 16:42:59 +08:00
struct scatterlist * src , * dst ;
int err ;
2011-03-08 00:04:58 +00:00
2015-08-07 16:42:59 +08:00
sg_init_table ( areq_ctx - > src , 2 ) ;
src = scatterwalk_ffwd ( areq_ctx - > src , req - > src , assoclen ) ;
dst = src ;
2011-03-08 00:04:58 +00:00
2015-08-07 16:42:59 +08:00
if ( req - > src ! = req - > dst ) {
err = crypto_authenc_esn_copy ( req , assoclen ) ;
if ( err )
return err ;
2011-03-08 00:04:58 +00:00
2015-08-07 16:42:59 +08:00
sg_init_table ( areq_ctx - > dst , 2 ) ;
dst = scatterwalk_ffwd ( areq_ctx - > dst , req - > dst , assoclen ) ;
2011-03-08 00:04:58 +00:00
}
2016-07-12 13:17:35 +08:00
skcipher_request_set_tfm ( skreq , enc ) ;
skcipher_request_set_callback ( skreq , aead_request_flags ( req ) ,
crypto_authenc_esn_encrypt_done , req ) ;
skcipher_request_set_crypt ( skreq , src , dst , cryptlen , req - > iv ) ;
2011-03-08 00:04:58 +00:00
2016-07-12 13:17:35 +08:00
err = crypto_skcipher_encrypt ( skreq ) ;
2011-03-08 00:04:58 +00:00
if ( err )
return err ;
2015-08-07 16:42:59 +08:00
return crypto_authenc_esn_genicv ( req , aead_request_flags ( req ) ) ;
2011-03-08 00:04:58 +00:00
}
2015-08-07 16:42:59 +08:00
static int crypto_authenc_esn_decrypt_tail ( struct aead_request * req ,
unsigned int flags )
2011-03-08 00:04:58 +00:00
{
2015-08-07 16:42:59 +08:00
struct crypto_aead * authenc_esn = crypto_aead_reqtfm ( req ) ;
unsigned int authsize = crypto_aead_authsize ( authenc_esn ) ;
struct authenc_esn_request_ctx * areq_ctx = aead_request_ctx ( req ) ;
struct crypto_authenc_esn_ctx * ctx = crypto_aead_ctx ( authenc_esn ) ;
2016-07-12 13:17:35 +08:00
struct skcipher_request * skreq = ( void * ) ( areq_ctx - > tail +
ctx - > reqoff ) ;
2015-08-07 16:42:59 +08:00
struct crypto_ahash * auth = ctx - > auth ;
u8 * ohash = PTR_ALIGN ( ( u8 * ) areq_ctx - > tail ,
crypto_ahash_alignmask ( auth ) + 1 ) ;
unsigned int cryptlen = req - > cryptlen - authsize ;
unsigned int assoclen = req - > assoclen ;
struct scatterlist * dst = req - > dst ;
u8 * ihash = ohash + crypto_ahash_digestsize ( auth ) ;
u32 tmp [ 2 ] ;
2011-03-08 00:04:58 +00:00
2017-07-17 15:32:30 +08:00
if ( ! authsize )
goto decrypt ;
2015-08-07 16:42:59 +08:00
/* Move high-order bits of sequence number back. */
scatterwalk_map_and_copy ( tmp , dst , 4 , 4 , 0 ) ;
scatterwalk_map_and_copy ( tmp + 1 , dst , assoclen + cryptlen , 4 , 0 ) ;
scatterwalk_map_and_copy ( tmp , dst , 0 , 8 , 1 ) ;
2011-03-08 00:04:58 +00:00
2015-08-07 16:42:59 +08:00
if ( crypto_memneq ( ihash , ohash , authsize ) )
return - EBADMSG ;
2011-03-08 00:04:58 +00:00
2017-07-17 15:32:30 +08:00
decrypt :
2015-08-07 16:42:59 +08:00
sg_init_table ( areq_ctx - > dst , 2 ) ;
dst = scatterwalk_ffwd ( areq_ctx - > dst , dst , assoclen ) ;
2011-03-08 00:04:58 +00:00
2016-07-12 13:17:35 +08:00
skcipher_request_set_tfm ( skreq , ctx - > enc ) ;
skcipher_request_set_callback ( skreq , flags ,
req - > base . complete , req - > base . data ) ;
skcipher_request_set_crypt ( skreq , dst , dst , cryptlen , req - > iv ) ;
2011-03-08 00:04:58 +00:00
2016-07-12 13:17:35 +08:00
return crypto_skcipher_decrypt ( skreq ) ;
2011-03-08 00:04:58 +00:00
}
2015-08-07 16:42:59 +08:00
static void authenc_esn_verify_ahash_done ( struct crypto_async_request * areq ,
int err )
2011-03-08 00:04:58 +00:00
{
2015-08-07 16:42:59 +08:00
struct aead_request * req = areq - > data ;
2011-03-08 00:04:58 +00:00
2015-08-07 16:42:59 +08:00
err = err ? : crypto_authenc_esn_decrypt_tail ( req , 0 ) ;
aead_request_complete ( req , err ) ;
2011-03-08 00:04:58 +00:00
}
2015-08-07 16:42:59 +08:00
static int crypto_authenc_esn_decrypt ( struct aead_request * req )
2011-03-08 00:04:58 +00:00
{
struct crypto_aead * authenc_esn = crypto_aead_reqtfm ( req ) ;
struct authenc_esn_request_ctx * areq_ctx = aead_request_ctx ( req ) ;
2015-08-07 16:42:59 +08:00
struct crypto_authenc_esn_ctx * ctx = crypto_aead_ctx ( authenc_esn ) ;
struct ahash_request * ahreq = ( void * ) ( areq_ctx - > tail + ctx - > reqoff ) ;
unsigned int authsize = crypto_aead_authsize ( authenc_esn ) ;
struct crypto_ahash * auth = ctx - > auth ;
u8 * ohash = PTR_ALIGN ( ( u8 * ) areq_ctx - > tail ,
crypto_ahash_alignmask ( auth ) + 1 ) ;
unsigned int assoclen = req - > assoclen ;
unsigned int cryptlen = req - > cryptlen ;
u8 * ihash = ohash + crypto_ahash_digestsize ( auth ) ;
struct scatterlist * dst = req - > dst ;
u32 tmp [ 2 ] ;
int err ;
2011-03-08 00:04:58 +00:00
2015-08-07 16:42:59 +08:00
cryptlen - = authsize ;
2011-03-08 00:04:58 +00:00
2015-08-07 16:42:59 +08:00
if ( req - > src ! = dst ) {
err = crypto_authenc_esn_copy ( req , assoclen + cryptlen ) ;
if ( err )
return err ;
}
2011-03-08 00:04:58 +00:00
2015-08-07 16:42:59 +08:00
scatterwalk_map_and_copy ( ihash , req - > src , assoclen + cryptlen ,
authsize , 0 ) ;
2011-03-08 00:04:58 +00:00
2015-08-07 16:42:59 +08:00
if ( ! authsize )
goto tail ;
2011-03-08 00:04:58 +00:00
2015-08-07 16:42:59 +08:00
/* Move high-order bits of sequence number to the end. */
scatterwalk_map_and_copy ( tmp , dst , 0 , 8 , 0 ) ;
scatterwalk_map_and_copy ( tmp , dst , 4 , 4 , 1 ) ;
scatterwalk_map_and_copy ( tmp + 1 , dst , assoclen + cryptlen , 4 , 1 ) ;
2011-03-08 00:04:58 +00:00
2015-08-07 16:42:59 +08:00
sg_init_table ( areq_ctx - > dst , 2 ) ;
dst = scatterwalk_ffwd ( areq_ctx - > dst , dst , 4 ) ;
2011-03-08 00:04:58 +00:00
2015-08-07 16:42:59 +08:00
ahash_request_set_tfm ( ahreq , auth ) ;
ahash_request_set_crypt ( ahreq , dst , ohash , assoclen + cryptlen ) ;
ahash_request_set_callback ( ahreq , aead_request_flags ( req ) ,
authenc_esn_verify_ahash_done , req ) ;
2011-03-08 00:04:58 +00:00
2015-08-07 16:42:59 +08:00
err = crypto_ahash_digest ( ahreq ) ;
2011-03-08 00:04:58 +00:00
if ( err )
return err ;
2015-08-07 16:42:59 +08:00
tail :
return crypto_authenc_esn_decrypt_tail ( req , aead_request_flags ( req ) ) ;
2011-03-08 00:04:58 +00:00
}
2015-08-07 16:42:59 +08:00
static int crypto_authenc_esn_init_tfm ( struct crypto_aead * tfm )
2011-03-08 00:04:58 +00:00
{
2015-08-07 16:42:59 +08:00
struct aead_instance * inst = aead_alg_instance ( tfm ) ;
struct authenc_esn_instance_ctx * ictx = aead_instance_ctx ( inst ) ;
struct crypto_authenc_esn_ctx * ctx = crypto_aead_ctx ( tfm ) ;
2011-03-08 00:04:58 +00:00
struct crypto_ahash * auth ;
2016-07-12 13:17:35 +08:00
struct crypto_skcipher * enc ;
2018-09-18 19:10:51 -07:00
struct crypto_sync_skcipher * null ;
2011-03-08 00:04:58 +00:00
int err ;
auth = crypto_spawn_ahash ( & ictx - > auth ) ;
if ( IS_ERR ( auth ) )
return PTR_ERR ( auth ) ;
2016-10-28 09:52:19 -07:00
enc = crypto_spawn_skcipher ( & ictx - > enc ) ;
2011-03-08 00:04:58 +00:00
err = PTR_ERR ( enc ) ;
if ( IS_ERR ( enc ) )
goto err_free_ahash ;
2017-12-07 10:56:34 -08:00
null = crypto_get_default_null_skcipher ( ) ;
2015-08-07 16:42:59 +08:00
err = PTR_ERR ( null ) ;
if ( IS_ERR ( null ) )
goto err_free_skcipher ;
2011-03-08 00:04:58 +00:00
ctx - > auth = auth ;
ctx - > enc = enc ;
2015-08-07 16:42:59 +08:00
ctx - > null = null ;
2011-03-08 00:04:58 +00:00
2015-08-07 16:42:59 +08:00
ctx - > reqoff = ALIGN ( 2 * crypto_ahash_digestsize ( auth ) ,
crypto_ahash_alignmask ( auth ) + 1 ) ;
2011-03-08 00:04:58 +00:00
2015-08-07 16:42:59 +08:00
crypto_aead_set_reqsize (
tfm ,
2015-05-11 17:47:55 +08:00
sizeof ( struct authenc_esn_request_ctx ) +
ctx - > reqoff +
max_t ( unsigned int ,
2016-07-12 13:17:35 +08:00
crypto_ahash_reqsize ( auth ) +
sizeof ( struct ahash_request ) ,
sizeof ( struct skcipher_request ) +
crypto_skcipher_reqsize ( enc ) ) ) ;
2011-03-08 00:04:58 +00:00
return 0 ;
2015-08-07 16:42:59 +08:00
err_free_skcipher :
2016-07-12 13:17:35 +08:00
crypto_free_skcipher ( enc ) ;
2011-03-08 00:04:58 +00:00
err_free_ahash :
crypto_free_ahash ( auth ) ;
return err ;
}
2015-08-07 16:42:59 +08:00
static void crypto_authenc_esn_exit_tfm ( struct crypto_aead * tfm )
2011-03-08 00:04:58 +00:00
{
2015-08-07 16:42:59 +08:00
struct crypto_authenc_esn_ctx * ctx = crypto_aead_ctx ( tfm ) ;
2011-03-08 00:04:58 +00:00
crypto_free_ahash ( ctx - > auth ) ;
2016-07-12 13:17:35 +08:00
crypto_free_skcipher ( ctx - > enc ) ;
2017-12-07 10:56:34 -08:00
crypto_put_default_null_skcipher ( ) ;
2015-08-07 16:42:59 +08:00
}
static void crypto_authenc_esn_free ( struct aead_instance * inst )
{
struct authenc_esn_instance_ctx * ctx = aead_instance_ctx ( inst ) ;
crypto_drop_skcipher ( & ctx - > enc ) ;
crypto_drop_ahash ( & ctx - > auth ) ;
kfree ( inst ) ;
2011-03-08 00:04:58 +00:00
}
2015-08-07 16:42:59 +08:00
static int crypto_authenc_esn_create ( struct crypto_template * tmpl ,
struct rtattr * * tb )
2011-03-08 00:04:58 +00:00
{
struct crypto_attr_type * algt ;
2015-08-07 16:42:59 +08:00
struct aead_instance * inst ;
2011-03-08 00:04:58 +00:00
struct hash_alg_common * auth ;
struct crypto_alg * auth_base ;
2016-07-12 13:17:35 +08:00
struct skcipher_alg * enc ;
2011-03-08 00:04:58 +00:00
struct authenc_esn_instance_ctx * ctx ;
const char * enc_name ;
int err ;
algt = crypto_get_attr_type ( tb ) ;
if ( IS_ERR ( algt ) )
2015-08-07 16:42:59 +08:00
return PTR_ERR ( algt ) ;
2011-03-08 00:04:58 +00:00
2015-08-13 17:29:06 +08:00
if ( ( algt - > type ^ CRYPTO_ALG_TYPE_AEAD ) & algt - > mask )
2015-08-07 16:42:59 +08:00
return - EINVAL ;
2011-03-08 00:04:58 +00:00
auth = ahash_attr_alg ( tb [ 1 ] , CRYPTO_ALG_TYPE_HASH ,
2016-06-29 18:03:46 +08:00
CRYPTO_ALG_TYPE_AHASH_MASK |
crypto_requires_sync ( algt - > type , algt - > mask ) ) ;
2011-03-08 00:04:58 +00:00
if ( IS_ERR ( auth ) )
2015-08-07 16:42:59 +08:00
return PTR_ERR ( auth ) ;
2011-03-08 00:04:58 +00:00
auth_base = & auth - > base ;
enc_name = crypto_attr_alg_name ( tb [ 2 ] ) ;
err = PTR_ERR ( enc_name ) ;
if ( IS_ERR ( enc_name ) )
goto out_put_auth ;
inst = kzalloc ( sizeof ( * inst ) + sizeof ( * ctx ) , GFP_KERNEL ) ;
err = - ENOMEM ;
if ( ! inst )
goto out_put_auth ;
2015-08-07 16:42:59 +08:00
ctx = aead_instance_ctx ( inst ) ;
2011-03-08 00:04:58 +00:00
2015-08-07 16:42:59 +08:00
err = crypto_init_ahash_spawn ( & ctx - > auth , auth ,
aead_crypto_instance ( inst ) ) ;
2011-03-08 00:04:58 +00:00
if ( err )
goto err_free_inst ;
2015-08-07 16:42:59 +08:00
crypto_set_skcipher_spawn ( & ctx - > enc , aead_crypto_instance ( inst ) ) ;
2016-10-28 09:51:13 -07:00
err = crypto_grab_skcipher ( & ctx - > enc , enc_name , 0 ,
crypto_requires_sync ( algt - > type ,
algt - > mask ) ) ;
2011-03-08 00:04:58 +00:00
if ( err )
goto err_drop_auth ;
2016-07-12 13:17:35 +08:00
enc = crypto_spawn_skcipher_alg ( & ctx - > enc ) ;
2011-03-08 00:04:58 +00:00
err = - ENAMETOOLONG ;
2015-08-07 16:42:59 +08:00
if ( snprintf ( inst - > alg . base . cra_name , CRYPTO_MAX_ALG_NAME ,
" authencesn(%s,%s) " , auth_base - > cra_name ,
2016-07-12 13:17:35 +08:00
enc - > base . cra_name ) > = CRYPTO_MAX_ALG_NAME )
2011-03-08 00:04:58 +00:00
goto err_drop_enc ;
2015-08-07 16:42:59 +08:00
if ( snprintf ( inst - > alg . base . cra_driver_name , CRYPTO_MAX_ALG_NAME ,
2011-03-08 00:04:58 +00:00
" authencesn(%s,%s) " , auth_base - > cra_driver_name ,
2016-07-12 13:17:35 +08:00
enc - > base . cra_driver_name ) > = CRYPTO_MAX_ALG_NAME )
2011-03-08 00:04:58 +00:00
goto err_drop_enc ;
2016-07-12 13:17:35 +08:00
inst - > alg . base . cra_flags = ( auth_base - > cra_flags |
enc - > base . cra_flags ) & CRYPTO_ALG_ASYNC ;
inst - > alg . base . cra_priority = enc - > base . cra_priority * 10 +
2015-08-07 16:42:59 +08:00
auth_base - > cra_priority ;
2016-07-12 13:17:35 +08:00
inst - > alg . base . cra_blocksize = enc - > base . cra_blocksize ;
2015-08-07 16:42:59 +08:00
inst - > alg . base . cra_alignmask = auth_base - > cra_alignmask |
2016-07-12 13:17:35 +08:00
enc - > base . cra_alignmask ;
2015-08-07 16:42:59 +08:00
inst - > alg . base . cra_ctxsize = sizeof ( struct crypto_authenc_esn_ctx ) ;
2016-07-12 13:17:35 +08:00
inst - > alg . ivsize = crypto_skcipher_alg_ivsize ( enc ) ;
inst - > alg . chunksize = crypto_skcipher_alg_chunksize ( enc ) ;
2015-08-07 16:42:59 +08:00
inst - > alg . maxauthsize = auth - > digestsize ;
2011-03-08 00:04:58 +00:00
2015-08-07 16:42:59 +08:00
inst - > alg . init = crypto_authenc_esn_init_tfm ;
inst - > alg . exit = crypto_authenc_esn_exit_tfm ;
2011-03-08 00:04:58 +00:00
2015-08-07 16:42:59 +08:00
inst - > alg . setkey = crypto_authenc_esn_setkey ;
inst - > alg . setauthsize = crypto_authenc_esn_setauthsize ;
inst - > alg . encrypt = crypto_authenc_esn_encrypt ;
inst - > alg . decrypt = crypto_authenc_esn_decrypt ;
2011-03-08 00:04:58 +00:00
2015-08-07 16:42:59 +08:00
inst - > free = crypto_authenc_esn_free ,
2011-03-08 00:04:58 +00:00
2015-08-07 16:42:59 +08:00
err = aead_register_instance ( tmpl , inst ) ;
if ( err )
goto err_drop_enc ;
2011-03-08 00:04:58 +00:00
out :
crypto_mod_put ( auth_base ) ;
2015-08-07 16:42:59 +08:00
return err ;
2011-03-08 00:04:58 +00:00
err_drop_enc :
crypto_drop_skcipher ( & ctx - > enc ) ;
err_drop_auth :
crypto_drop_ahash ( & ctx - > auth ) ;
err_free_inst :
kfree ( inst ) ;
out_put_auth :
goto out ;
}
static struct crypto_template crypto_authenc_esn_tmpl = {
. name = " authencesn " ,
2015-08-07 16:42:59 +08:00
. create = crypto_authenc_esn_create ,
2011-03-08 00:04:58 +00:00
. module = THIS_MODULE ,
} ;
static int __init crypto_authenc_esn_module_init ( void )
{
return crypto_register_template ( & crypto_authenc_esn_tmpl ) ;
}
static void __exit crypto_authenc_esn_module_exit ( void )
{
crypto_unregister_template ( & crypto_authenc_esn_tmpl ) ;
}
module_init ( crypto_authenc_esn_module_init ) ;
module_exit ( crypto_authenc_esn_module_exit ) ;
MODULE_LICENSE ( " GPL " ) ;
MODULE_AUTHOR ( " Steffen Klassert <steffen.klassert@secunet.com> " ) ;
MODULE_DESCRIPTION ( " AEAD wrapper for IPsec with extended sequence numbers " ) ;
2014-11-24 16:32:38 -08:00
MODULE_ALIAS_CRYPTO ( " authencesn " ) ;